Notebook ist unbrauchbar geworden

Hi. Schreibe hier von einem zweiten PC.

Bei meinem Notebook kann ich zwar Windows hochfahren, doch sobald ich eine einfache Word-Datei öffnen will, funktioniert dies leider nicht! Oder Internetexplorer. Doppelklick, die Sanduhr und dann tut sich nichts. Kein Programm lässt sich öffnen, und es lässt sich auch nicht rechte Maustaste und Programme auf externe Festplatte kopieren.

Könnte es sich hierbei um einen Virus handeln?

Wie kann ich meinen PC wieder einsatzfähig machen? Wäre über gute Ratschläge dankbar.

Mfg
Philipp

 

Lade dir das Antivir Rettungssystem runter, brenne es auf eine CD und boote davon.

 

Ein Scan mit Rsit kann uns einen Überblick über die Software verschaffen und Fehlermeldungen der Ereignisanzeige.
http://virus-protect.org/artikel/tools/random.html
Die beiden Log-Dateien dann bitte im Anhang hoch laden.

 

Hab' im Abgesicherten Modus heraufgefahren, und die Datei log.txt die ich erhielt sieht so aus:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Baum at 2009-01-03 10:12:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (51%) free of 31 GB
Total RAM: 511 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:31, on 03.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Dokumente und Einstellungen\Baum\Desktop\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Baum.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.yahoo.com
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp

Toolbar\winamptb.dll
O2 - BHO: (no name) - {26FF761C-5254-4395-A93D-8D2533686AD4} - (no file)
O2 - BHO: (no name) - {49687856-5404-4045-A621-5633DC93830F} - C:\WINDOWS\system32\efcBrSlJ.dll (file missing)
O2 - BHO: (no name) - {5210D973-16C7-4B97-95A2-D1CD9296DE7C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {63F58570-1CF5-4433-8DAF-02134E3B0663} - (no file)
O2 - BHO: (no name) - {67d40151-3824-4218-af0b-e1e159d1d0af} - C:\WINDOWS\system32\gogiyajo.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\mlJDurOg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {77A82EBE-FDB2-4E82-A8C0-EF28EA97B405} - (no file)
O2 - BHO: (no name) - {A187F078-1D72-4A5A-9045-1B460C99AEBC} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -

C:\Programme\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {C84BA783-11F3-471D-BF56-1E3B165C08BD} - (no file)
O2 - BHO: (no name) - {D5CC473B-8353-4BBC-80C2-DF2ABCF5FE03} - (no file)
O2 - BHO: (no name) - {E6438038-58DB-4034-9114-9998C999A3E3} - (no file)
O2 - BHO: Microsoft copyright - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - sockins32.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [QtZwLMng] C:\Programme\QBU\QtZwLMng.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [vumuripodu] Rundll32.exe "C:\WINDOWS\system32\masoyumu.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [AVKBar] "C:\Programme\AntiVirenKit 2005\AVKBar.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Systray] rundll32.exe sockins32.dll,RunMain
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\Run: [vumuripodu] Rundll32.exe "C:\WINDOWS\system32\masoyumu.dll",s (User

'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: TimeLeft.lnk = C:\Programme\TimeLeft3\TimeLeft.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: TimeLeft.lnk = C:\Programme\TimeLeft3\TimeLeft.exe (User 'Default user')
O4 - Startup: TimeLeft.lnk = C:\Programme\TimeLeft3\TimeLeft.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp

Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren -

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet

Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe

(file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{26AAACDE-500C-42B0-805D-F7BBEB1BC9E0}: NameServer =

208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D2A4541-7425-4739-A974-C702FAB44203}: NameServer =

208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4ABAE9A-1339-4240-B71D-9F2B6519B6AD}: NameServer =

208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{F042647D-ABAD-4499-AB34-3531F3D728A4}: NameServer =

208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: mzgzlv.dll wywwbf.dll moogvn.dll

vpekfj.dll,C:\WINDOWS\system32\wehojavi.dll,C:\WINDOWS\system32\filulafo.dll
O20 - Winlogon Notify: mlJDurOg - mlJDurOg.dll (file missing)
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programme\AntiVirenKit 2005\AVKService.exe
O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - C:\Programme\AntiVirenKit 2005\AVKWCtl.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner -

C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner -

C:\Programme\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame

Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: UPnPService - Magix AG - C:\Programme\Gemeinsame Dateien\MAGIX

Shared\UPnPService\UPnPService.exe

--
End of file - 9651 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\jfrenpje.job
C:\WINDOWS\tasks\puwkeast.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{26FF761C-5254-4395-A93D-8D2533686AD4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{49687856-5404-4045-A621-5633DC93830F}]
C:\WINDOWS\system32\efcBrSlJ.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{5210D973-16C7-4B97-95A2-D1CD9296DE7C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{63F58570-1CF5-4433-8DAF-02134E3B0663}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{67d40151-3824-4218-af0b-e1e159d1d0af}]
C:\WINDOWS\system32\gogiyajo.dll [2008-09-30 61530]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
C:\WINDOWS\system32\mlJDurOg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{77A82EBE-FDB2-4E82-A8C0-EF28EA97B405}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{A187F078-1D72-4A5A-9045-1B460C99AEBC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar2.dll [2008-04-27 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-17 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{C84BA783-11F3-471D-BF56-1E3B165C08BD}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{D5CC473B-8353-4BBC-80C2-DF2ABCF5FE03}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{E6438038-58DB-4034-9114-9998C999A3E3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}]
Microsoft copyright - sockins32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar2.dll [2008-04-27 2427968]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2008-04-14 847898]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-10-08 57344]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
"QtZwLMng"=C:\Programme\QBU\QtZwLMng.EXE [2003-04-04 196608]
"SunJavaUpdateSched"=C:\Programme\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"FreePDF Assistant"=C:\Programme\FreePDF_XP\fpassist.exe [2007-06-26 312320]
"WinampAgent"=C:\Programme\Winamp\winampa.exe [2008-04-01 36352]
"OpwareSE4"=C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-06-13 73728]
"CanonSolutionMenu"=C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Programme\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"IJNetworkScanUtility"=C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-11-19 128352]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"vumuripodu"=C:\WINDOWS\system32\masoyumu.dll [2008-09-30 61530]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2008-04-14 15360]
"AVKBar"=C:\Programme\AntiVirenKit 2005\AVKBar.exe [2004-10-07 659456]
"SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"Systray"=sockins32.dll []
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-26 68856]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2008-11-18 21633320]

C:\Dokumente und Einstellungen\Baum\Startmenü\Programme\Autostart
TimeLeft.lnk - C:\Programme\TimeLeft3\TimeLeft.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="mzgzlv.dll wywwbf.dll moogvn.dll

vpekfj.dll,C:\WINDOWS\system32\wehojavi.dll,C:\WINDOWS\system32\filulafo.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mlJDurOg]
mlJDurOg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\system32\mlJDurOg.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\efcBrSlJ
"notification packages"=scecli
C:\WINDOWS\system32\wehojavi.dll
C:\WINDOWS\system32\filulafo.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authoriz

edapplications\list]
"C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"c:\cfxff0.exe"="c:\cfxff0.exe:*:EnabledHCP Client"
"C:\WINDOWS\system32\cssrss.exe"="C:\WINDOWS\system32\cssrss.exe:*:EnabledHCP Client"
"c:\umwlkg.exe"="c:\umwlkg.exe:*:EnabledHCP Client"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\DNA\btdna.exe"="C:\Programme\DNA\btdna.exe:*:EnabledNA"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows

Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
"C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe"="C:\Programme\Gemeinsame

Dateien\LogiShrd\LVCOMSER\LVComSer.exe:*:Enabled:LVComSer"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorize

dapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows

Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows

Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-01-03 10:12:19 ----D---- C:\rsit
2009-01-02 17:49:30 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-31 18:09:55 ----SH---- C:\WINDOWS\system32\apugapir.ini
2008-12-30 21:49:08 ----SH---- C:\WINDOWS\system32\evivogat.ini
2008-12-30 09:48:29 ----SH---- C:\WINDOWS\system32\odutovad.ini
2008-12-29 21:49:16 ----SH---- C:\WINDOWS\system32\orupusup.ini
2008-12-29 09:48:24 ----SH---- C:\WINDOWS\system32\awavoyim.ini
2008-12-28 21:47:44 ----SH---- C:\WINDOWS\system32\onokibej.ini
2008-12-28 09:48:03 ----SH---- C:\WINDOWS\system32\izovegun.ini
2008-12-27 21:48:18 ----SH---- C:\WINDOWS\system32\ekuguhis.ini
2008-12-27 09:47:10 ----SH---- C:\WINDOWS\system32\ufagekel.ini
2008-12-26 21:47:21 ----SH---- C:\WINDOWS\system32\ejususig.ini
2008-12-26 09:47:46 ----SH---- C:\WINDOWS\system32\awosuyul.ini
2008-12-25 18:06:32 ----SH---- C:\WINDOWS\system32\aravawaw.ini
2008-12-25 17:05:59 ----SH---- C:\WINDOWS\system32\erohuror.ini
2008-12-25 16:56:09 ----D---- C:\Dokumente und Einstellungen\Baum\Anwendungsdaten\Cakewalk
2008-12-25 16:39:00 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Identities
2008-12-25 16:25:56 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2008-12-25 16:25:47 ----A---- C:\WINDOWS\system32\ReWire.dll
2008-12-25 16:18:30 ----D---- C:\Programme\Cakewalk
2008-12-25 16:18:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Cakewalk
2008-12-25 16:18:30 ----D---- C:\Cakewalk Projects
2008-12-25 10:30:55 ----SH---- C:\WINDOWS\system32\btqmjlbu.ini
2008-12-25 10:30:52 ----A---- C:\WINDOWS\system32\ubljmqtb.dll
2008-12-25 10:29:01 ----A---- C:\WINDOWS\system32\vpekfj.dll
2008-12-23 13:09:08 ----SH---- C:\WINDOWS\system32\rnvkwuyb.ini
2008-12-23 13:07:15 ----A---- C:\WINDOWS\system32\moogvn.dll
2008-12-23 08:45:54 ----A---- C:\WINDOWS\system32\wywwbf.dll
2008-12-23 08:45:12 ----SH---- C:\WINDOWS\system32\vvevgwgy.ini
2008-12-23 08:45:06 ----A---- C:\WINDOWS\system32\ygwgvevv.dll
2008-12-21 23:37:38 ----A---- C:\WINDOWS\system32\mcrh.tmp
2008-12-21 21:13:06 ----SH---- C:\WINDOWS\system32\xqocbraq.ini
2008-12-21 21:13:03 ----A---- C:\WINDOWS\system32\qarbcoqx.dll
2008-12-21 21:11:10 ----A---- C:\WINDOWS\system32\mzgzlv.dll
2008-12-21 21:10:40 ----A---- C:\WINDOWS\system32\27fe5029-.txt
2008-12-21 21:10:03 ----ASH---- C:\WINDOWS\system32\JlSrBcfe.ini2
2008-12-21 21:10:02 ----ASH---- C:\WINDOWS\system32\JlSrBcfe.ini
2008-12-21 21:04:50 ----A---- C:\WINDOWS\system32\yayvWnNf.dll
2008-12-21 21:02:57 ----A---- C:\WINDOWS\system32\pmnnOHAt.dll
2008-12-21 21:02:17 ----RSH---- C:\WINDOWS\system32\wauclt.exe
2008-12-21 21:02:15 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2008-12-18 08:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-18 08:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-17 15:40:42 ----D---- C:\WINDOWS\Prefetch
2008-12-17 10:25:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-17 10:24:46 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-17 10:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-17 10:24:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-17 10:23:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-17 10:23:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-17 10:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-17 10:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-17 10:21:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-17 10:21:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-17 10:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-17 10:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-17 10:20:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-17 10:19:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-17 10:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-17 10:19:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-17 10:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-17 10:18:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-17 10:18:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-17 10:01:17 ----D---- C:\Programme\msn
2008-12-17 10:01:16 ----D---- C:\WINDOWS\l2schemas
2008-12-17 10:01:15 ----D---- C:\WINDOWS\system32\de
2008-12-17 10:01:14 ----D---- C:\WINDOWS\system32\bits
2008-12-13 09:34:54 ----D---- C:\WINDOWS\ie7updates
2008-12-13 09:33:12 ----D---- C:\WINDOWS\WBEM
2008-12-13 09:33:11 ----D---- C:\WINDOWS\system32\de-de
2008-12-13 09:30:29 ----HDC---- C:\WINDOWS\ie7
2008-12-13 09:29:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-13 09:28:15 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-13 09:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-12-13 09:25:43 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-12-13 09:21:35 ----D---- C:\WINDOWS\network diagnostic
2008-12-13 09:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-12-13 09:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-12-12 23:59:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 23:59:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 23:57:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-12 23:54:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2008-12-12 23:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2008-12-06 09:01:34 ----A---- C:\softokn3.dll
2008-12-06 09:01:34 ----A---- C:\plds4.dll
2008-12-06 09:01:34 ----A---- C:\plc4.dll
2008-12-06 09:01:34 ----A---- C:\nss3.dll
2008-12-06 09:01:32 ----A---- C:\nspr4.dll
2008-12-05 23:58:28 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
2008-12-05 14:49:00 ----D---- C:\Programme\Messenger Plus! Live

======List of files/folders modified in the last 1 months======

2009-01-03 10:08:30 ----D---- C:\WINDOWS\Temp
2009-01-03 09:34:32 ----D---- C:\WINDOWS\system32
2009-01-02 21:58:55 ----D---- C:\WINDOWS
2009-01-02 21:17:53 ----D---- C:\Programme\WinIFixer
2009-01-01 21:21:25 ----D---- C:\Dokumente und Einstellungen\Baum\Anwendungsdaten\Skype
2009-01-01 19:35:04 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
2009-01-01 19:33:00 ----ASH---- C:\WINDOWS\system32\nazurugu.dll
2009-01-01 19:32:59 ----D---- C:\Dokumente und Einstellungen\Baum\Anwendungsdaten\skypePM
2009-01-01 07:22:52 ----ASH---- C:\WINDOWS\system32\wewefove.dll
2008-12-31 20:11:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-31 20:11:10 ----D---- C:\Programme\AntiVirenKit 2005
2008-12-31 18:09:46 ----ASH---- C:\WINDOWS\system32\ripagupa.dll
2008-12-30 21:48:42 ----ASH---- C:\WINDOWS\system32\wifolila.dll
2008-12-30 21:48:39 ----ASH---- C:\WINDOWS\system32\tagovive.dll
2008-12-30 20:38:49 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2008-12-29 21:48:18 ----ASH---- C:\WINDOWS\system32\pusupuro.dll
2008-12-29 21:48:17 ----ASH---- C:\WINDOWS\system32\kuwotevi.dll
2008-12-28 16:08:29 ----D---- C:\Dokumente und Einstellungen\Baum\Anwendungsdaten\dvdcss
2008-12-28 09:47:45 ----ASH---- C:\WINDOWS\system32\nugevozi.dll
2008-12-27 21:47:23 ----ASH---- C:\WINDOWS\system32\gibokiho.dll
2008-12-27 21:47:22 ----ASH---- C:\WINDOWS\system32\sihuguke.dll
2008-12-27 17:57:17 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-25 18:06:13 ----ASH---- C:\WINDOWS\system32\wawavara.dll
2008-12-25 17:42:05 ----D---- C:\WINDOWS\Minidump
2008-12-25 17:05:53 ----ASH---- C:\WINDOWS\system32\tituzeki.dll
2008-12-25 16:38:40 ----HD---- C:\WINDOWS\inf
2008-12-25 16:25:08 ----SHD---- C:\WINDOWS\Installer
2008-12-25 16:25:00 ----D---- C:\WINDOWS\WinSxS
2008-12-25 16:18:37 ----RSD---- C:\WINDOWS\Fonts
2008-12-25 16:18:30 ----RD---- C:\Programme
2008-12-22 20:49:25 ----D---- C:\Programme\Google
2008-12-21 21:05:01 ----SD---- C:\WINDOWS\Tasks
2008-12-18 08:15:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-18 08:15:47 ----A---- C:\WINDOWS\imsins.BAK
2008-12-18 08:15:40 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-17 15:42:31 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-17 15:42:16 ----D---- C:\Programme\Windows Media Player
2008-12-17 15:40:48 ----A---- C:\WINDOWS\setuplog.txt
2008-12-17 15:40:07 ----D---- C:\WINDOWS\system32\Setup
2008-12-17 15:40:06 ----D---- C:\WINDOWS\AppPatch
2008-12-17 15:40:05 ----D---- C:\WINDOWS\system32\wbem
2008-12-17 15:39:50 ----D---- C:\WINDOWS\system32\drivers
2008-12-17 15:39:12 ----D---- C:\WINDOWS\security
2008-12-17 10:25:39 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-17 10:18:37 ----D---- C:\Programme\Messenger
2008-12-17 10:04:12 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-17 10:04:01 ----D---- C:\WINDOWS\Help
2008-12-17 10:03:26 ----D---- C:\WINDOWS\EHome
2008-12-17 10:03:16 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-17 10:03:11 ----D---- C:\WINDOWS\ime
2008-12-17 10:01:23 ----D---- C:\WINDOWS\system32\usmt
2008-12-17 10:01:14 ----D---- C:\WINDOWS\peernet
2008-12-17 10:01:13 ----D---- C:\Programme\Movie Maker
2008-12-17 09:49:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-17 09:42:08 ----D---- C:\WINDOWS\system32\Restore
2008-12-17 09:42:07 ----D---- C:\WINDOWS\system32\npp
2008-12-17 09:42:02 ----D---- C:\WINDOWS\msagent
2008-12-17 09:41:57 ----D---- C:\WINDOWS\srchasst
2008-12-17 09:41:41 ----D---- C:\Programme\NetMeeting
2008-12-17 09:41:30 ----D---- C:\WINDOWS\system32\Com
2008-12-17 09:41:07 ----D---- C:\Programme\Outlook Express
2008-12-17 09:40:43 ----D---- C:\Programme\Gemeinsame Dateien\System
2008-12-17 09:39:26 ----D---- C:\WINDOWS\system32\oobe
2008-12-17 09:39:17 ----D---- C:\WINDOWS\system
2008-12-17 09:20:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-17 09:20:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-13 09:40:07 ----D---- C:\Programme\Internet Explorer
2008-12-13 09:33:25 ----D---- C:\WINDOWS\system32\config
2008-12-13 09:32:59 ----D---- C:\WINDOWS\Media
2008-12-13 07:36:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 23:58:33 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2003-01-17 16256]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys

[2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys

[2008-04-13 20608]
S1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2008-04-26 16512]
S3 {DEF85C80-216A-43ab-AF70-1665EDBE2780};{DEF85C80-216A-43ab-AF70-1665EDBE2780};

\??\C:\WINDOWS\TEMP\127.tmp []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-11-20 1205292]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-10-03 401152]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-09

475788]
S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-12-13 647680]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys

[2004-07-06 44032]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\System32\DRIVERS\CmBatt.sys

[2008-04-13 13952]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-07-19 22296]
S3 FINEPIX_PCC;FinePix Digital Camera 020715; C:\WINDOWS\System32\Drivers\V4CB0113.SYS [2001-11-25 81924]
S3 GDInterceptor;GDInterceptor; \??\C:\WINDOWS\System32\interceptor.sys []
S3 HookCentre;HookCentre; \??\C:\WINDOWS\System32\drivers\HookCentre.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-07-19 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-07-19

2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-07-19 1920920]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-07-19 41752]
S3 LVUVC;Logitech QuickCam Pro 9000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-07-19 3599000]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13

5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StillCam;Treiber für serielle Digitalkamera; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-18 7040]
S3 streamip;BDA-IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 w22n51;Intel(R) PRO/Wireless 2200 Adapter-Treiber; C:\WINDOWS\System32\DRIVERS\w22n51.sys [2004-01-02

1646720]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-12-13 397312]
S2 AVKService;AVK Service; C:\Programme\AntiVirenKit 2005\AVKService.exe [2004-09-28 299008]
S2 AVKWCtl;AVK Wächter; C:\Programme\AntiVirenKit 2005\AVKWCtl.exe [2004-11-30 561152]
S2 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-17

168432]
S2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S2 IJPLMSVC;PIXMA Extended Survey Program; C:\Programme\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
S2 LVCOMSer;LVCOMSer; C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-19 186904]
S2 LVPrcSrv;Process Monitor; C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-19 137752]
S2 LVSrvLauncher;LVSrvLauncher; C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-19 141848]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Programme\MAGIX\Common\Database\bin\fbserver.exe

[]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28

89136]
S3 UPnPService;UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe

[2006-12-14 544768]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\Windows

Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programme\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

 

Die Datei Info enthielt dann:

info.txt logfile of random's system information tool 1.05 2009-01-03 10:12:35

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Programme\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
AFPL Ghostscript 8.54-->C:\Programme\gs\uninstgs.exe "C:\Programme\gs\gs8.54\uninstal.txt"
AFPL Ghostscript Fonts-->C:\Programme\gs\uninstgs.exe "C:\Programme\gs\fonts\uninstal.txt"
Agere Systems AC'97 Modem-->agrsmdel
Anti-Spy.Info 1.7-->C:\Programme\Anti-Spy.Info\Uninstal.exe "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Anti-Spy.Info"
AntiVirenKit 2005-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{31E9AC0D-24C4-4A6D-81D7-290263E3C131}\setup.exe" -l0x7 -removeonly
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
Canon IJ Network Scan Utility-->C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSU.EXE
Canon IJ Network Tool-->C:\Programme\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon MP Navigator EX 1.1-->"C:\Programme\Canon\MP Navigator EX 1.1\Maint.exe" /UninstallRemove C:\Programme\Canon\MP Navigator EX 1.1\uninst.ini
Canon MX850 series Benutzerregistrierung-->C:\Programme\Canon\IJEREG\MX850 series\UNINST.EXE
Canon MX850 series-->"C:\WINDOWS\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series /L0x0007
Canon My Printer-->C:\Programme\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Programme\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Programme\Canon\SolutionMenu\uninst.exe uninst.ini
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CorelDRAW Graphics Suite 12-->MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)-->C:\Programme\MAGIX\Common\Database\uninstall.exe
FLVPlayer4Free Free FLV Player 2.9.0.0-->"C:\Programme\FLVPlayer4Free\unins000.exe"
FreePDF XP (Remove only)-->C:\Programme\FreePDF_XP\fpsetup.exe /r
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\programme\google\googletoolbar2.dll"
Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall
Google Video Player-->"C:\Programme\Google\Google Video Player\Uninstall.exe"
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
ICQ Toolbar-->C:\Programme\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IsoBuster 2.3-->"C:\Programme\Smart Projects\IsoBuster\Uninst\unins000.exe"
Jade Empire-->C:\WINDOWS\Uninstall Jade Empire.exe
Java 2 Runtime Environment Standard Edition v1.3.1-->C:\WINDOWS\IsUninst.exe -fC:\Programme\JavaSoft\JRE\1.3.1\Uninst.isu
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Logitech QuickCam-->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Logitech® Camera-Treiber-->"C:\Programme\Gemeinsame Dateien\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
MAGIX Foto Manager 2007 4.2.0.42 (D)-->C:\Programme\MAGIX\Foto_Manager_2007\instslct.exe
MAGIX Goya burnR 2.3.1.3 (D)-->C:\Programme\MAGIX\Goya_burnR\instslct.exe
MAGIX Music Maker Techno Edition 2 4.0.0.10 (D)-->C:\Programme\MAGIX\MusicMakerTechnoEdition2\instslct.exe
MAGIX Music Manager 2007 8.2.0.54 (D)-->C:\Programme\MAGIX\Music_Manager_2007\instslct.exe
MAGIX Online Druck Service 2.3.2.0 (D)-->C:\Programme\MAGIX\Online_Druck_Service\instslct.exe
Memotrainer plus 2.0-->MsiExec.exe /X{3678BD95-A16F-4362-9789-F14827BF8474}
Messenger Plus! Live-->"C:\Programme\Messenger Plus! Live\Uninstall.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110407-6000-11D3-8CFE-0150048383C9}
MSM32Installer-->MsiExec.exe /I{55A75679-02D1-4C8C-85CA-B4E4DF4D775F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music Creator 4-->"C:\Programme\Cakewalk\Music Creator 4\unins000.exe"
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
PCFriendly-->C:\Program Files\PCFriendly\inuninst.exe
PIXMA Extended Survey Program-->C:\Programme\Canon\IJPLM\SETUP.EXE -R
Presto! PageManager 7.15.20-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}\PMSetup.exe" -l0x7 anythinganything -removeonly
Quick Button ( WinXP )-->C:\WINDOWS\UnInst32.exe QtZwLMng.UNI
RedMon - Redirection Port Monitor-->C:\WINDOWS\System32\unredmon.exe
ScanSoft OmniPage SE 4-->MsiExec.exe /I{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TimeLeft-->"C:\Programme\TimeLeft3\unins000.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6f-->C:\Programme\VideoLAN\VLC\uninstall.exe
Winamp Toolbar for Firefox-->"\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer-->"C:\Programme\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer-->MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Messenger-->MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinIFixer-->"C:\Programme\WinIFixer\uninstall.exe"
WinRAR-->C:\Programme\WinRAR\uninstall.exe
Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Install Manager-->C:\WINDOWS\System32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: G DATA AntiVirenKit 2005

System event log

Computer Name: PHILIPP
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "HookCentre" gesendet.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090103100826.000000+060
Event Type: information
User: NT-AUTORITÄT\SYSTEM

Computer Name: PHILIPP
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Kompatibilität für schnelle Benutzerumschaltung" gesendet.

Record Number: 4
Source Name: Service Control Manager
Time Written: 20090103100826.000000+060
Event Type: information
User: NT-AUTORITÄT\SYSTEM

Computer Name: PHILIPP
Event Code: 7036
Message: Dienst "Terminaldienste" befindet sich jetzt im Status "Ausgeführt".

Record Number: 3
Source Name: Service Control Manager
Time Written: 20090103100826.000000+060
Event Type: information
User:

Computer Name: PHILIPP
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.

Record Number: 2
Source Name: EventLog
Time Written: 20090103100755.000000+060
Event Type: information
User:

Computer Name: PHILIPP
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090103100755.000000+060
Event Type: information
User:

Application event log

Computer Name: PHILIPP
Event Code: 102
Message: msnmsgr (200) \\.\C:\Dokumente und Einstellungen\Baum\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\home@lycos.at\SharingMetadata\Working\database_542C_DDB8_2CDD_94F8\dfsr.db: Das Datenbankmodul hat eine neue Instanz gestartet (0).

Record Number: 3302
Source Name: ESENT
Time Written: 20081217100302.000000+060
Event Type: information
User:

Computer Name: PHILIPP
Event Code: 100
Message: msnmsgr (200) Das Datenbankmodul 5.01.2600.2180 ist gestartet.

Record Number: 3301
Source Name: ESENT
Time Written: 20081217100302.000000+060
Event Type: information
User:

Computer Name: PHILIPP
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.

Record Number: 3300
Source Name: usnjsvc
Time Written: 20081217100248.000000+060
Event Type:
User:

Computer Name: PHILIPP
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 3299
Source Name: LoadPerf
Time Written: 20081217095000.000000+060
Event Type: information
User:

Computer Name: PHILIPP
Event Code: 1001
Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden entfernt. Die Daten
enthalten die neuen Werte der Registrierungseinträge Last Counter
und Last Help.

Record Number: 3298
Source Name: LoadPerf
Time Written: 20081217094949.000000+060
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Smart Projects\IsoBuster
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0905
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"SAFEBOOT_OPTION"=MINIMAL

-----------------EOF-----------------

 

Wie kann ich meinen PC soweit retten, um wieder ins Internet zu können, im Messenger zu schreiben und/oder eine Datei zu öffnen?

 

Das System ist nicht mehr zu retten. Regedit ist deaktiviert (vermutlich von einem Trojaner mit Rootkitfunktion). AVK2005 ist uralt.
Diverse unbekannte Dateien haben sich unter c:\windows\system32 eingenistet.
Empfehlung: Neu aufsetzen

 

Dankesehr!

 

Ich musste gar nicht neu aufstetzen!
*hehe* Siehst du - diesen Beitrag schreibe ich schon von meinem Notebook!

Der Freund von meiner Schwester hat sich das angesehen und jetzt geht mein PC wieder!!! *juhu*

 

Auch wenn dein PC jetzt wieder genutzt werden kann, würde ich dem kein E-Mail-Passwort, kein Foren-Passwort oder eine Homebanking-TAN anvertrauen ;-)

 

kommt noch und wundere dich nicht wenn private Dinge von dir im Netz auftauchen